At my work, we've been tasked with setting up Active Directory for
managing Windows desktop policy and users. We already have FreeIPA set
up (although it needs to be rebuilt) for some of our users, groups, and
Linux server policy. None of this is a huge setup (a few hundred
users).
We're considering having all the users defined in FreeIPA, and then just
having AD for the Windows computer policy, and setting AD up with a
one-way trust to FreeIPA. It seems like there's several documents that
talk about going the other way, but I'm not finding much for this.
Is this a reasonable approach - any issues we might run into? Is there
a good document for setting up a one-way trust from AD to IPA?
Thanks.
--
Chris Adams <linux(a)cmadams.net>
Show replies by date